Open-source code: How to stay secure while moving fast

2022-01-26 07:00

Organizations pulling their code from open source will often find themselves in scenarios where they have created a Frankensteined final artifact, with extremely fragmented origins.

Organizations must take time to carefully consider their approach to supply chain security to prepare for potential future security incidents, and to gain the full benefits of open source.

Regardless of who is initially responsible for the bugs, organizations face liability when shipping software that includes vulnerability-ridden open-source code.

Despite the risk factors, there are ways for organizations to effectively secure and protect their usage of open-source code.

With greater understanding of dependencies, and proper checks-and-balances in place to mitigate risks, teams can begin to feel secure in their open-source utilization and fully embrace its benefits.

Pulling the good out of the box and sealing away the bad. Organizations can - and should - take advantage of the rich rewards of the open-source community for excellent code and innovative solutions.

News URL

https://www.helpnetsecurity.com/2022/01/26/code-open-source/

#opensource #sourcecode